Blog
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
The vulnerability, rated 9.1 out of 10 on the CVSS scoring system, is an improper authorization vulnerability and affects all versions of Confluence Data Center and Server.
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data loss if exploited by an unauthenticated attacker." Tracked as CVE-2023-22518, the vulnerability is rated 9.1 out of a maximum of 10 on the CVSS...
Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing...
PentestPad: Platform for Pentest Teams
In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. The synergy...
Five Guys Discloses Hack of Two Employee Email Accounts
The breach, discovered on June 7, was the result of business email compromise. While the total number of individuals impacted was not disclosed, only three residents of Maine were affected.
Trojanized PyCharm Software Version Delivered via Google Search Ads
A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google search results by leveraging Dynamic Search Ads. "Unbeknownst to the site owner, one of their ads was automatically created to promote...
Crypto Thief Steals $4.4 Million in a Day as Toll Rises From LastPass Breach
LastPass previously disclosed a breach in August 2022, where an attacker obtained customer information and encrypted vault data, leading to the theft of over $35 million worth of crypto from around 150 victims.
SEC Charges SolarWinds, its CISO With Fraud
SolarWinds and its CISO Timothy Brown have been charged by the SEC for fraud and internal control failures related to misleading investors about their cybersecurity practices leading up to the Sunburst attack.
Canada Bans WeChat and Kaspersky Apps On Government Devices
Canada on Monday announced a ban on the use of apps from Tencent and Kaspersky on government mobile devices, citing an "unacceptable level of risk to privacy and security." "The Government of Canada is committed to keeping government information and networks secure,"...
RCE Exploit for Wyze Cam v3 Publicly Released, Patch Now
A security researcher has discovered two vulnerabilities in Wyze Cam v3 firmware and released a proof-of-concept exploit that can be used to gain remote code execution and take over vulnerable devices.
FREE GUIDE